SCRIPT 2026 QUESTIONS WITH
SOLUTIONS GRADED A+
◉What does index data do? (3). Answer: 1. Collects data
2. Label data with source type
3. Stored in splunk index
◉Three main roles in splunk? (3). Answer: Admin, Power, User
◉An admin does what?. Answer: Install apps, create knowledge
objects for all users (what apps a user will see by default)
◉A power user does what?. Answer: Creates and shares knowledge
objects for users of app, real-time searches
◉A Splunk user does what?. Answer: Only see own knowledge
objects and those shared to them.
◉Apps in Splunk?. Answer: 1. Pre-built dashboards, reports, alerts
and workflows
, 2. In-depth data analysis for power users
3. Search & Reporting
◉What does the search and reporting app do in splunk?. Answer:
Creates knowledge objects, reports, and dashboards
◉The seven main components in splunk searching and reporting?.
Answer: 1. Splunk bar
2. App bar
3. Search bar
4. Time range picker
5. How to search panel
6. What to search panel
7. Search History
◉What does the time range picker do?. Answer: Allow search by
preset times, relative times. Real time (earliest, latest), date range.
Retrieve events over a specific time period.
◉Limiting search by ___________ is key to faster results and is a best
practice. Answer: time